General Data Protection Regulation & Data Privacy Statements

Empauwer Data protection statement

Safe, Secure and ready for the General Data Protection Regulation

Nothing matters more to us than the security of your data. We have you covered for the EU’s new General Data Protection Regulation (GDPR).


Securing your data

Protecting customer data is a top priority at Empauwer. We understand you are trusting us with your data and we take the responsibility of securing it extremely seriously. Our Security page outlines all of our practices.


Data Correction

Account admins can modify collected personal data to meet the correction requirement of the GDPR with our user management tools or by making a request to


Right to be forgotten

You can request that personal information in your account be permanently removed. We give this control to you. Empauwer platform offers you an option to delete your profile and it will also purge your information such as interviews, jobs and references.


Built for security

Empauwer protects all of our customers with an array of security features.

Data encryption in transit

Data encryption at rest

Data centers routinely audited with industry-standard SSAE-16 methods

Data redundancy for resilience during disasters

SAML, OAUTH and OpenID support for secure authentication

Continuous network monitoring

Industry-standard security evaluations

Independent third-party security reviews and penetration tests

Role-based authentication

IP address whitelisting


Cyber security is a very important aspect for Empauwer and this is where our partnership with Microsoft helps, increasing security to our clients by hosting the platform on Microsoft’s cloud, Azure.


What is the GDPR?

Effective May 25th 2018, the GDPR tightens the rules for businesses on how they collect, store and process EU citizens’ personal data. The new regulations impact organisations worldwide that collect and process personal data of EU citizens. Some of the key changes likely to impact your customer feedback programs are listed below.


Empauwer, GDPR and Privacy Shield

Europe is currently leading the way in terms of regulating the protection of personal data of individuals. The new EU GDPR, which replaces the 1995 EU “Data Protection Directive” (and the laws of the various EU member states implementing the 1995 Directive), has been the focal point of discussion and compliance efforts for many companies around the world, including Empauwer. 

Empauwer is committed to respecting the privacy rights of all of its customers and their users and to taking reasonable and appropriate measures to protect the privacy and security of their personal information, including by implementing measures designed to comply with specific, applicable provisions of the GDPR. 

More generally, Empauwer has updated its technology, service offerings, terms and conditions of service and privacy notice to reflect our ongoing commitment to data privacy and security in compliance with our agreements with our customers and with applicable law.


Enabling you to be GDPR-compliant

Supporting our customers to be GDPR-compliant means Empauwer:

Provides sufficient guarantees to the controller to implement appropriate technical and organisational measures designed to safeguard customer data

Processes data (that could include personal data) only to fulfil its obligations as related to the Services

Enables users to modify and delete their personal data

Can sign a contract that governs the processing of EU personal data


GDPR contract – Data Processing Addendum (DPA)

GDPR Article 28, Section 3 requires that a contract be in place between a data controller and a data processor. The Empauwer Terms of Service, Privacy Policy, and Customer Agreements have provided the fundamental legal requirements and obligations regarding data ownership, processing behavior, safeguarding data and more. 
However if, as an Empauwer customer, you wish to have a GDPR-specific addendum to your agreement, please contact our Customer Success team at